From: Yonghong Song <yhs@fb.com>
To: Kuniyuki Iwashima <kuniyu@amazon.co.jp>,
"David S. Miller" <davem@davemloft.net>,
Jakub Kicinski <kuba@kernel.org>,
Alexei Starovoitov <ast@kernel.org>,
Daniel Borkmann <daniel@iogearbox.net>,
Andrii Nakryiko <andrii@kernel.org>,
Martin KaFai Lau <kafai@fb.com>, Song Liu <songliubraving@fb.com>,
John Fastabend <john.fastabend@gmail.com>,
KP Singh <kpsingh@kernel.org>
Cc: Benjamin Herrenschmidt <benh@amazon.com>,
Kuniyuki Iwashima <kuni1840@gmail.com>, <bpf@vger.kernel.org>,
<netdev@vger.kernel.org>
Subject: Re: [PATCH v3 bpf-next 2/2] selftest/bpf: Implement sample UNIX domain socket iterator program.
Date: Thu, 5 Aug 2021 09:59:40 -0700 [thread overview]
Message-ID: <25688602-6151-d8f0-17ef-1661110ed26e@fb.com> (raw)
In-Reply-To: <20210804070851.97834-3-kuniyu@amazon.co.jp>
On 8/4/21 12:08 AM, Kuniyuki Iwashima wrote:
> If there are no abstract sockets, this prog can output the same result
> compared to /proc/net/unix.
>
> # cat /sys/fs/bpf/unix | head -n 2
> Num RefCount Protocol Flags Type St Inode Path
> ffff9ab7122db000: 00000002 00000000 00010000 0001 01 10623 private/defer
>
> # cat /proc/net/unix | head -n 2
> Num RefCount Protocol Flags Type St Inode Path
> ffff9ab7122db000: 00000002 00000000 00010000 0001 01 10623 private/defer
>
> According to the analysis by Yonghong Song (See the link), the BPF verifier
> cannot load the code in the comment to print the name of the abstract UNIX
> domain socket due to LLVM optimisation. It can be uncommented once the
> LLVM code gen is improved.
I have pushed the llvm fix to llvm14 trunk
(https://reviews.llvm.org/D107483), and filed a request to backport to
llvm13 (https://bugs.llvm.org/show_bug.cgi?id=51363), could you in the
next revision uncomment the "for" loop code and tested it with latest
llvm trunk compiler? Please also add an entry in selftests/bpf/README.rst
to mention the llvm commit https://reviews.llvm.org/D107483 is needed
for bpf_iter unix_socket selftest, otherwise, they will see an error
like ...
>
> Link: https://lore.kernel.org/netdev/1994df05-8f01-371f-3c3b-d33d7836878c@fb.com/
> Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.co.jp>
> ---
> .../selftests/bpf/prog_tests/bpf_iter.c | 16 ++++
> tools/testing/selftests/bpf/progs/bpf_iter.h | 8 ++
> .../selftests/bpf/progs/bpf_iter_unix.c | 86 +++++++++++++++++++
> .../selftests/bpf/progs/bpf_tracing_net.h | 4 +
> 4 files changed, 114 insertions(+)
> create mode 100644 tools/testing/selftests/bpf/progs/bpf_iter_unix.c
>
> diff --git a/tools/testing/selftests/bpf/prog_tests/bpf_iter.c b/tools/testing/selftests/bpf/prog_tests/bpf_iter.c
> index 1f1aade56504..77ac24b191d4 100644
> --- a/tools/testing/selftests/bpf/prog_tests/bpf_iter.c
> +++ b/tools/testing/selftests/bpf/prog_tests/bpf_iter.c
> @@ -13,6 +13,7 @@
> #include "bpf_iter_tcp6.skel.h"
> #include "bpf_iter_udp4.skel.h"
> #include "bpf_iter_udp6.skel.h"
> +#include "bpf_iter_unix.skel.h"
> #include "bpf_iter_test_kern1.skel.h"
> #include "bpf_iter_test_kern2.skel.h"
> #include "bpf_iter_test_kern3.skel.h"
> @@ -313,6 +314,19 @@ static void test_udp6(void)
> bpf_iter_udp6__destroy(skel);
> }
>
> +static void test_unix(void)
> +{
> + struct bpf_iter_unix *skel;
> +
> + skel = bpf_iter_unix__open_and_load();
> + if (!ASSERT_OK_PTR(skel, "bpf_iter_unix__open_and_load"))
> + return;
> +
> + do_dummy_read(skel->progs.dump_unix);
> +
> + bpf_iter_unix__destroy(skel);
> +}
> +
[...]
> + if (unix_sk->addr) {
> + if (!UNIX_ABSTRACT(unix_sk)) {
> + BPF_SEQ_PRINTF(seq, " %s", unix_sk->addr->name->sun_path);
> + } else {
> + BPF_SEQ_PRINTF(seq, " @");
> +
> + /* The name of the abstract UNIX domain socket starts
> + * with '\0' and can contain '\0'. The null bytes
> + * should be escaped as done in unix_seq_show().
> + * However, the BPF verifier cannot load the code below
> + * because of the optimisation by LLVM. So, print only
> + * the first escaped byte here for now. Once LLVM code
> + * gen is improved, remove the BPF_SEQ_PRINTF() above
> + * and uncomment the code below.
> + *
> + * int i, len;
> + *
> + * len = unix_sk->addr->len - sizeof(short);
> + *
> + * BPF_SEQ_PRINTF(seq, " @");
> + *
> + * // unix_mkname() tests this upper bound.
> + * if (len < sizeof(struct sockaddr_un))
> + * for (i = 1 ; i < len; i++)
> + * BPF_SEQ_PRINTF(seq, "%c",
> + * unix_sk->addr->name->sun_path[i] ?:
> + * '@');
> + */
> + }
> + }
> +
[...]
next prev parent reply other threads:[~2021-08-05 17:00 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-04 7:08 [PATCH v3 bpf-next 0/2] BPF iterator for UNIX domain socket Kuniyuki Iwashima
2021-08-04 7:08 ` [PATCH v3 bpf-next 1/2] bpf: af_unix: Implement " Kuniyuki Iwashima
2021-08-05 16:53 ` Yonghong Song
2021-08-06 0:21 ` Kuniyuki Iwashima
2021-08-06 0:41 ` Martin KaFai Lau
2021-08-06 1:05 ` Kuniyuki Iwashima
2021-08-04 7:08 ` [PATCH v3 bpf-next 2/2] selftest/bpf: Implement sample UNIX domain socket iterator program Kuniyuki Iwashima
2021-08-05 16:59 ` Yonghong Song [this message]
2021-08-06 0:24 ` Kuniyuki Iwashima
2021-08-06 23:33 ` Andrii Nakryiko
2021-08-07 0:09 ` Kuniyuki Iwashima
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=25688602-6151-d8f0-17ef-1661110ed26e@fb.com \
--to=yhs@fb.com \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=benh@amazon.com \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=davem@davemloft.net \
--cc=john.fastabend@gmail.com \
--cc=kafai@fb.com \
--cc=kpsingh@kernel.org \
--cc=kuba@kernel.org \
--cc=kuni1840@gmail.com \
--cc=kuniyu@amazon.co.jp \
--cc=netdev@vger.kernel.org \
--cc=songliubraving@fb.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).